:o Blushing... Yes, that worked, on with the text....
Hello Leo,
no, I didn't nod off in between ;). Here are the three logs:
AdwCleaner Logfile:
Code:
# AdwCleaner v3.000 - Report created 21/08/2013 at 21:46:31
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : SanDi - SANDI-LÄPPI
# Running from : C:\Users\SanDi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UBYH1QZ\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Windows Searchqu Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\SanDi\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\SanDi\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\SanDi\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\SanDi\AppData\Roaming\Babylon
Folder Deleted : C:\Users\SanDi\AppData\Roaming\file scout
Folder Deleted : C:\Users\SanDi\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\Searchqutoolbar
Folder Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Folder Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\Extensions\ffxtlbra@softonic.com
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\Askcom.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\Babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\delta.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\searchplugins\softonic.xml
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\bprotector_extensions.sqlite
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\bprotector_prefs.js
File Deleted : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\user.js
File Deleted : C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Windows\System32\Tasks\BrowserProtect
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
Key Deleted : HKCU\Software\953de88e739ec47
Key Deleted : HKLM\SOFTWARE\953de88e739ec47
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vlc-media-player_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vlc-media-player_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\filescout
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SearchquMediabarTb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v21.0 (de)
[ File : C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("extensions.Softonic.admin", false);
Line Deleted : user_pref("extensions.Softonic.aflt", "SD");
Line Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Line Deleted : user_pref("extensions.Softonic.cntry", "DE");
Line Deleted : user_pref("extensions.Softonic.cv", "cv5");
Line Deleted : user_pref("extensions.Softonic.dfltLng", "de");
Line Deleted : user_pref("extensions.Softonic.dfltSrch", true);
Line Deleted : user_pref("extensions.Softonic.dfltlng", "de");
Line Deleted : user_pref("extensions.Softonic.dfltsrch", true);
Line Deleted : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.dspOld", "");
Line Deleted : user_pref("extensions.Softonic.envrmnt", "production");
Line Deleted : user_pref("extensions.Softonic.excTlbr", false);
Line Deleted : user_pref("extensions.Softonic.firsttimeinstallation", "true");
Line Deleted : user_pref("extensions.Softonic.hdrMd5", "8A76A3B2B9199C2E95846C0ACD8E4BA7");
Line Deleted : user_pref("extensions.Softonic.hmpg", true);
Line Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&cc=");
Line Deleted : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&cc=");
Line Deleted : user_pref("extensions.Softonic.hpOld", "hxxp://www.psd-tutorials.de");
Line Deleted : user_pref("extensions.Softonic.hrdid", "be0ac506000000000000bc77371ae64b");
Line Deleted : user_pref("extensions.Softonic.id", "be0ac506000000000000bc77371ae64b");
Line Deleted : user_pref("extensions.Softonic.instlDay", "15554");
Line Deleted : user_pref("extensions.Softonic.instlRef", "INF1205T01");
Line Deleted : user_pref("extensions.Softonic.instlday", "15554");
Line Deleted : user_pref("extensions.Softonic.instlref", "INF1205T01");
Line Deleted : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Line Deleted : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.6.4.311:52:14");
Line Deleted : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Line Deleted : user_pref("extensions.Softonic.monitorreport", true);
Line Deleted : user_pref("extensions.Softonic.newTab", true);
Line Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc=");
Line Deleted : user_pref("extensions.Softonic.newtab", true);
Line Deleted : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc=");
Line Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Line Deleted : user_pref("extensions.Softonic.propectorlck", 87054682);
Line Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Line Deleted : user_pref("extensions.Softonic.prtnrid", "softonic");
Line Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings");
Line Deleted : user_pref("extensions.Softonic.savedVrsnTs", "1");
Line Deleted : user_pref("extensions.Softonic.sg", "az");
Line Deleted : user_pref("extensions.Softonic.smplGrp", "none");
Line Deleted : user_pref("extensions.Softonic.smplgrp", "none");
Line Deleted : user_pref("extensions.Softonic.srch", "");
Line Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.tlbrId", "base");
Line Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.tlbrid", "base");
Line Deleted : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1&cc=&q=");
Line Deleted : user_pref("extensions.Softonic.vrsn", "1.6.4.3");
Line Deleted : user_pref("extensions.Softonic.vrsnTs", "1.6.4.311:52:14");
Line Deleted : user_pref("extensions.Softonic.vrsni", "1.6.4.3");
Line Deleted : user_pref("extensions.Softonic.vrsnts", "1.6.4.311:52:14");
Line Deleted : user_pref("extensions.Softonic_i.dnsErr", true);
Line Deleted : user_pref("extensions.Softonic_i.hmpg", true);
Line Deleted : user_pref("extensions.Softonic_i.newTab", true);
Line Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");
Line Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.6.4.311:52:14");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "16");
Line Deleted : user_pref("extensions.delta.cntry", "DE");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.hdrMd5", "06F48BCA09480D08AB57F2BE58710B5A");
Line Deleted : user_pref("extensions.delta.hmpg", false);
Line Deleted : user_pref("extensions.delta.id", "be0ac506000000000000bc77371ae64b");
Line Deleted : user_pref("extensions.delta.instlDay", "15830");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "tzb");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.16.16");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.16.1619:36:46");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.16.16");
Line Deleted : user_pref("extensions.enabledAddons", "ffxtlbra%40softonic.com:1.6.0,%7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.5,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\HP\\\\Digital Imaging\\\\Smart Web Printin[...]
-\\ Google Chrome v28.0.1500.95
[ File : C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
Deleted : urls_to_restore_on_startup
Deleted : search_url
*************************
AdwCleaner[R0].txt - [20515 octets] - [21/08/2013 21:35:32]
AdwCleaner[R1].txt - [20576 octets] - [21/08/2013 21:45:33]
AdwCleaner[S0].txt - [20453 octets] - [21/08/2013 21:46:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20514 octets] ##########
--- --- ---
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.2 (08.20.2013:1)
OS: Windows 7 Home Premium x64
Ran by SanDi on 21.08.2013 at 22:00:24,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\uniblue\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{266627B6-76C5-49C6-910E-1F76DC991AFB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4B699018-2330-4AB6-A0CE-2C482767F8C0}
~~~ Files
Successfully deleted: [File] C:\Windows\syswow64\sho255B.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho392E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho9879.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA073.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB636.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB95.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE955.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE974.tmp
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{0024A03F-F6DE-4C5A-8BAB-4F51526490F0}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{1884A425-7C99-4B17-82D5-8E715FBFBEFF}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{1DC5DDAB-C9B9-4B9B-A4AD-421DFB2C3E62}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{235C691A-8510-4D1B-A7D1-464CC70CBD8C}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{4402B36D-F1B7-4C63-A7FF-4FC9007A453A}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{5341DC59-95AB-41CD-8C78-FFB189698E6E}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{5674FB5D-926D-4803-AA59-1DE9FEC50820}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{666F8FA5-B15F-4B8F-BCAB-BB03F623A356}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{7C2F0D1A-1F4F-4DA6-B525-4E874CF20FA0}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{825B6363-A7BC-4E89-91DC-DFFE9F4A7F5E}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{8B0D8EF9-E384-4468-9D16-0B41117FA727}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{9660E959-C205-4AA6-88F1-EFCBBC3CB24E}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{A41CB010-A5F2-4F11-B701-99C4FF050444}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{A5A85C38-6735-4736-BD71-4A840BC6A3ED}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{A82762E1-7922-4D49-B5DA-D73D4403A9F8}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{D8D4507A-24F3-4104-A5A1-379028303139}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{F58A416B-5CDE-4EFF-BF87-4F5BB88B26B7}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{F5E2B0A3-396F-484C-8D9C-877C1C339A7D}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{F6766042-6561-4464-A473-D88FB7EC165B}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{F7156D76-8D90-4BD1-A839-E02C669B2D88}
Successfully deleted: [Empty Folder] C:\Users\SanDi\appdata\local\{FE5A766C-2110-4FF2-A0D1-C2DD57C8E60D}
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\SanDi\AppData\Roaming\mozilla\firefox\profiles\qxo6284e.default\invalidprefs.js
Emptied folder: C:\Users\SanDi\AppData\Roaming\mozilla\firefox\profiles\qxo6284e.default\minidumps [43 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.08.2013 at 22:13:59,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2013 02
Ran by SanDi (administrator) on 21-08-2013 22:20:35
Running from C:\Users\SanDi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UBYH1QZ
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(X10) C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Adobe Systems, Inc.) C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\watchmi\TvdTray.exe
(Dropbox, Inc.) C:\Users\SanDi\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SkyHawke) C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-02-05] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10361616 2011-02-11] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated)
HKCU\...\Run: [AdobeBridge] - C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe [12008296 2011-03-02] (Adobe Systems, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
MountPoints2: {1fd7d381-b903-11e1-8632-00262dc73c8e} - F:\CD_Start.exe
HKLM-x32\...\Run: [HotkeyApp] - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] - C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-12] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] - C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [CaddieSyncConduit] - C:\Program Files (x86)\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe [2544960 2013-05-08] (SkyHawke)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [218880 2012-05-31] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe [232368 2012-07-03] (Sun Microsystems, Inc.)
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
AppInit_DLLs: [0 ] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{AA4D1C5E-116A-4FF4-AA91-28F526868203}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.)
Startup: C:\Users\SanDi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\SanDi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://uploadserver.info/premium/mirror2/uploader/ImageUploader5.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP1-13926/webex/ieatgpc1.cab
Handler: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: fluxhttp - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @fluxdvd.com/NPWMDRMWrapper - C:\Program Files (x86)\Videoload Manager\NPWMDRMWrapper.dll ( )
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPMPDRM - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Extension: No Name - C:\Users\SanDi\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF Extension: No Name - C:\Users\SanDi\AppData\Roaming\Mozilla\Firefox\Profiles\qxo6284e.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Kaspersky URL Advisor) - C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.0.3370_0
CHR Extension: (Safe Money) - C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.0.3370_0
CHR Extension: (Virtual Keyboard) - C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.0.3370_0
CHR Extension: (Skype Click to Call) - C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (Anti-Banner) - C:\Users\SanDi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.0.3370_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx
==================== Services (Whitelisted) =================
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [218880 2012-05-31] (Kaspersky Lab ZAO)
R2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2003-04-18] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-02-05] ()
R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [341296 2011-06-21] (Nitro PDF Software)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [3969336 2012-04-05] (INCA Internet Co., Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] ()
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] ()
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 x10nets; C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe [20480 2009-11-07] (X10)
==================== Drivers (Whitelisted) ====================
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458544 2012-04-13] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [640344 2012-05-29] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30000 2012-03-27] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-05-25] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [27992 2012-05-25] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54064 2012-05-12] (Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [172888 2012-05-24] (Kaspersky Lab)
S3 mod7764; C:\Windows\System32\DRIVERS\mod77-64.sys [1077416 2010-09-16] (DiBcom SA)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [32792 2009-05-13] (X10 Wireless Technology, Inc.)
S1 HWiNFO32; \??\G:\Hwinfo32\HWiNFO64A.SYS [x]
S3 uxddrv; \??\F:\uxddrv64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-21 22:14 - 2013-08-21 22:14 - 00004850 _____ C:\Users\Sandra\Documents\JRT.txt
2013-08-21 22:14 - 2013-08-21 22:13 - 00004850 _____ C:\Users\SanDi\Desktop\JRT.txt
2013-08-21 22:00 - 2013-08-21 22:00 - 00000000 ____D C:\Windows\ERUNT
2013-08-21 21:53 - 2013-08-21 21:53 - 00020643 _____ C:\Users\Sandra\Documents\AdwCleaner[S0].txt
2013-08-21 21:53 - 2013-08-21 21:53 - 00020643 _____ C:\Users\Sandra\Documents\AdwCleaner[S0].txt
2013-08-21 21:32 - 2013-08-21 21:46 - 00000000 ____D C:\AdwCleaner
2013-08-21 20:30 - 2013-08-21 20:30 - 00015760 _____ C:\Users\Sandra\Documents\Logfiles.zip
2013-08-21 20:30 - 2013-08-21 20:30 - 00015760 _____ C:\Users\Sandra\Documents\Logfiles.zip
2013-08-21 20:09 - 2013-08-21 20:09 - 00051348 _____ C:\Users\Sandra\Documents\FRST.txt
2013-08-21 20:09 - 2013-08-21 20:09 - 00051348 _____ C:\Users\Sandra\Documents\FRST.txt
2013-08-21 20:08 - 2013-08-21 20:08 - 00030276 _____ C:\Users\Sandra\Documents\FRS Tool.txt
2013-08-21 20:08 - 2013-08-21 20:08 - 00030276 _____ C:\Users\Sandra\Documents\FRS Tool.txt
2013-08-21 20:05 - 2013-08-21 20:05 - 00000000 ____D C:\FRST
2013-08-21 19:42 - 2013-08-21 19:42 - 00000000 ____D C:\Users\SanDi\AppData\Roaming\Malwarebytes
2013-08-21 19:39 - 2013-08-21 19:39 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-21 19:39 - 2013-08-21 19:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-21 19:39 - 2013-08-21 19:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-21 19:39 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-15 09:44 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 09:44 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 09:44 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 09:44 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 09:44 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 09:44 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 09:44 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 09:44 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 09:44 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 09:44 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 09:44 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 09:44 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 09:44 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 09:44 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 16:51 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 16:51 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 16:51 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 16:51 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 16:51 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 16:51 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 16:51 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 16:51 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 16:50 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 16:50 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 16:50 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 16:50 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 16:50 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 16:50 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 16:50 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 16:50 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 16:50 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 16:50 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 16:50 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 16:50 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 16:50 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 16:50 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 16:50 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 16:50 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 16:50 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 16:50 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 16:50 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-11 21:48 - 2013-08-11 21:48 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-09 13:12 - 2013-08-09 13:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-07 14:02 - 2013-08-09 20:03 - 00146432 ___SH C:\Users\Sandra\Documents\Thumbs.db
2013-08-07 14:02 - 2013-08-09 20:03 - 00146432 ___SH C:\Users\Sandra\Documents\Thumbs.db
2013-07-31 14:15 - 2013-08-15 09:37 - 00000000 ____D C:\Windows\system32\MRT
2013-07-29 14:56 - 2013-07-29 15:15 - 00080363 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xlsx
2013-07-29 14:56 - 2013-07-29 15:15 - 00080363 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xlsx
2013-07-29 14:41 - 2013-07-29 14:41 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xls
2013-07-29 14:41 - 2013-07-29 14:41 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xls
2013-07-28 15:38 - 2013-07-28 15:38 - 00001074 _____ C:\Users\Public\Desktop\Exact Audio Copy.lnk
2013-07-28 15:17 - 2013-07-28 15:17 - 00001409 _____ C:\Users\SanDi\Desktop\Free Audio CD to MP3 Converter.lnk
2013-07-28 12:54 - 2013-07-28 12:54 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013.xls
2013-07-28 12:54 - 2013-07-28 12:54 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013.xls
==================== One Month Modified Files and Folders =======
2013-08-21 22:14 - 2013-08-21 22:14 - 00004850 _____ C:\Users\Sandra\Documents\JRT.txt
2013-08-21 22:14 - 2013-08-21 22:14 - 00004850 _____ C:\Users\Sandra\Documents\JRT.txt
2013-08-21 22:13 - 2013-08-21 22:14 - 00004850 _____ C:\Users\SanDi\Desktop\JRT.txt
2013-08-21 22:00 - 2013-08-21 22:00 - 00000000 ____D C:\Windows\ERUNT
2013-08-21 21:58 - 2011-07-08 21:05 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-21 21:58 - 2011-07-08 21:01 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-21 21:58 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-21 21:58 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-21 21:53 - 2013-08-21 21:53 - 00020643 _____ C:\Users\Sandra\Documents\AdwCleaner[S0].txt
2013-08-21 21:53 - 2013-08-21 21:53 - 00020643 _____ C:\Users\Sandra\Documents\AdwCleaner[S0].txt
2013-08-21 21:53 - 2011-10-13 20:25 - 00000000 ____D C:\Users\SanDi\AppData\Roaming\Skype
2013-08-21 21:53 - 2011-07-25 11:20 - 00000000 ___RD C:\Users\SanDi\Dropbox
2013-08-21 21:53 - 2011-07-25 11:18 - 00000000 ____D C:\Users\SanDi\AppData\Roaming\Dropbox
2013-08-21 21:48 - 2013-07-12 15:32 - 00001884 _____ C:\Windows\PFRO.log
2013-08-21 21:48 - 2013-06-13 07:48 - 00002769 _____ C:\Windows\setupact.log
2013-08-21 21:48 - 2012-03-30 10:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-21 21:48 - 2011-07-08 21:01 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-21 21:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-21 21:47 - 2011-07-08 20:59 - 01107022 _____ C:\Windows\WindowsUpdate.log
2013-08-21 21:46 - 2013-08-21 21:32 - 00000000 ____D C:\AdwCleaner
2013-08-21 20:46 - 2011-07-08 21:07 - 00000000 ___RD C:\Users\Sandra\Favoriten Internet
2013-08-21 20:30 - 2013-08-21 20:30 - 00015760 _____ C:\Users\Sandra\Documents\Logfiles.zip
2013-08-21 20:30 - 2013-08-21 20:30 - 00015760 _____ C:\Users\Sandra\Documents\Logfiles.zip
2013-08-21 20:09 - 2013-08-21 20:09 - 00051348 _____ C:\Users\Sandra\Documents\FRST.txt
2013-08-21 20:09 - 2013-08-21 20:09 - 00051348 _____ C:\Users\Sandra\Documents\FRST.txt
2013-08-21 20:08 - 2013-08-21 20:08 - 00030276 _____ C:\Users\Sandra\Documents\FRS Tool.txt
2013-08-21 20:08 - 2013-08-21 20:08 - 00030276 _____ C:\Users\Sandra\Documents\FRS Tool.txt
2013-08-21 20:05 - 2013-08-21 20:05 - 00000000 ____D C:\FRST
2013-08-21 19:42 - 2013-08-21 19:42 - 00000000 ____D C:\Users\SanDi\AppData\Roaming\Malwarebytes
2013-08-21 19:39 - 2013-08-21 19:39 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-21 19:39 - 2013-08-21 19:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-21 19:39 - 2013-08-21 19:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-18 19:38 - 2013-01-11 23:09 - 00000000 ____D C:\ProgramData\fluxDVD
2013-08-15 16:00 - 2012-01-30 16:46 - 00000000 ____D C:\Users\Sandra\Documents\Kontoauszüge Sparkasse Duisburg
2013-08-15 16:00 - 2012-01-30 16:46 - 00000000 ____D C:\Users\Sandra\Documents\Kontoauszüge Sparkasse Duisburg
2013-08-15 15:41 - 2011-11-15 09:38 - 00000000 ____D C:\Users\Sandra\Documents\Outlook-Dateien
2013-08-15 15:41 - 2011-11-15 09:38 - 00000000 ____D C:\Users\Sandra\Documents\Outlook-Dateien
2013-08-15 15:39 - 2012-06-01 17:01 - 00000000 ____D C:\Users\Sandra\Documents\Dirk
2013-08-15 15:39 - 2012-06-01 17:01 - 00000000 ____D C:\Users\Sandra\Documents\Dirk
2013-08-15 09:40 - 2011-04-24 01:02 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-08-15 09:40 - 2011-04-24 01:02 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-08-15 09:40 - 2009-07-14 07:13 - 01520734 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-15 09:37 - 2013-07-31 14:15 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 08:19 - 2011-04-24 01:44 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 16:38 - 2012-05-28 08:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-13 16:38 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-13 08:07 - 2011-08-26 16:04 - 00118272 ___SH C:\Users\SanDi\Thumbs.db
2013-08-11 21:48 - 2013-08-11 21:48 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-11 21:48 - 2011-10-13 20:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-11 21:48 - 2011-10-13 20:24 - 00000000 ____D C:\ProgramData\Skype
2013-08-11 21:38 - 2013-06-14 19:41 - 547056337 _____ C:\Windows\MEMORY.DMP
2013-08-09 20:03 - 2013-08-07 14:02 - 00146432 ___SH C:\Users\Sandra\Documents\Thumbs.db
2013-08-09 20:03 - 2013-08-07 14:02 - 00146432 ___SH C:\Users\Sandra\Documents\Thumbs.db
2013-08-09 13:12 - 2013-08-09 13:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-05 20:03 - 2011-09-29 09:15 - 00000000 ____D C:\Users\Sandra\Documents\Eigene Scans
2013-08-05 20:03 - 2011-09-29 09:15 - 00000000 ____D C:\Users\Sandra\Documents\Eigene Scans
2013-08-01 16:00 - 2011-07-08 21:01 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-31 10:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-29 15:15 - 2013-07-29 14:56 - 00080363 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xlsx
2013-07-29 15:15 - 2013-07-29 14:56 - 00080363 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xlsx
2013-07-29 14:41 - 2013-07-29 14:41 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xls
2013-07-29 14:41 - 2013-07-29 14:41 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013 - mit Ankommen und Pausen.xls
2013-07-28 15:38 - 2013-07-28 15:38 - 00001074 _____ C:\Users\Public\Desktop\Exact Audio Copy.lnk
2013-07-28 15:38 - 2012-10-14 10:38 - 00000000 ____D C:\Program Files (x86)\Exact Audio Copy
2013-07-28 15:31 - 2012-10-14 11:02 - 00000000 ____D C:\Users\Sandra\Documents\DVDVideoSoft
2013-07-28 15:31 - 2012-10-14 11:02 - 00000000 ____D C:\Users\Sandra\Documents\DVDVideoSoft
2013-07-28 15:17 - 2013-07-28 15:17 - 00001409 _____ C:\Users\SanDi\Desktop\Free Audio CD to MP3 Converter.lnk
2013-07-28 15:17 - 2013-05-05 19:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-07-28 15:17 - 2012-10-14 10:52 - 00000000 ____D C:\Users\SanDi\AppData\Roaming\DVDVideoSoft
2013-07-28 12:54 - 2013-07-28 12:54 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013.xls
2013-07-28 12:54 - 2013-07-28 12:54 - 00167424 _____ C:\Users\Sandra\Documents\Wochenkalender-2013.xls
2013-07-26 07:13 - 2013-08-15 09:44 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-15 09:44 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-15 09:44 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-15 09:44 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-15 09:44 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-15 09:44 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-15 09:44 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-15 09:44 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-15 09:44 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-15 09:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-15 09:44 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-15 09:44 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-15 09:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-15 09:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-15 09:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-15 09:44 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-15 09:44 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-15 09:44 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-15 09:44 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-15 09:44 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-15 09:44 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-15 09:44 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-15 09:44 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-15 09:44 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-15 09:44 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-15 09:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-15 09:44 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-15 09:44 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-15 09:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-15 09:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-15 09:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 11:25 - 2013-08-14 16:50 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-14 16:50 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-27 07:45
==================== End Of Log ============================